Restricting VLANS in CAT6509

Unanswered Question
May 7th, 2007

can someone let me know as how to restrict VLANs on the 6509 trunk port?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.8 (3 ratings)
Loading.
mahmoodmkl Mon, 05/07/2007 - 08:25

Hi

by saying restrict u mean u dnot want traffic from specific vlan to pass through this trunk port.in that case the command differs from ios and catos point of view.

on ios

u can use the below command

switchport trunk allowed vlan (vlanlist)

on catos u can use

clear trunk mod/port (vlan id)

Thanks

Mahmood

skanniap Mon, 05/07/2007 - 09:03

Thanks, how does this differ from VLAN pruning? I am not getting it clear from the Cisco documents.

ankbhasi Mon, 05/07/2007 - 09:08

Hi Friend,

If you clear vlan from the trunk interface it will not allow BPDUs also to pass for that vlan but VLAN pruning never stops BPDUs.

VTP pruning does not change a link's STP characterstics. BPDUs will still be broadcasted on the link in order to build a STP for that vlan and the trunk links still participate in STP convergence. Fot that reason it might be preferrable to clear the VLAN from the trunk link.

HTH

Ankur

*Pls rate all helpfull post

skanniap Mon, 05/07/2007 - 09:25

Thanks, so I assume that it would be enough that I allow only the management VLAN and the specific user VLAN and server farm VLAN (for the PC to communicate to server farm) on the trunk. Do I need to configure this at both side of the trunk? or it is fine to have on the distributing side alone? also if I want to allow the VLAN traffic again after clearing ID on trunk in CAT OS how can I do that?

I am looking for a doc with similar example in Cisco site and not getting it..

ankbhasi Mon, 05/07/2007 - 09:36

Hi Friend,

Yes it is always good practise to allow only those vlans on trunk which are there in network and which need to be passed on the trunk and not all vlans.

Also it is always good practice to restrict the vlan on trunk on both the sides instead of restricting on one side.

Have a look at this link for more details on how to configure the same.

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3750/12235se/scg/swvlan.htm#wp1100014

HTH

Ankur

*Pls rate all helpfull post

skanniap Mon, 05/07/2007 - 09:44

Thanks, I had a chance to see this doc before but it describes configuration on a IOS based switch and not on CAT OS, can you let me know as how I can enable VLAN traffic to flow again after clearing on a cat 6509 trunk.

skanniap Mon, 05/07/2007 - 20:05

Thanks a lot for the quick response and guidance, I got it..

Rgs

Suresh

Actions

This Discussion